karaf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Baptiste Onofré ...@nanthrax.net>
Subject Re: svn commit: r1476704 - in /karaf/branches/karaf-2.x: assemblies/apache-karaf/src/main/distribution/text/etc/ management/server/src/main/java/org/apache/karaf/management/ management/server/src/main/resources/OSGI-INF/blueprint/ management/server/src/mai...
Date Sun, 28 Apr 2013 08:37:28 GMT
+1

It sounds good to me.

Regards
JB

On 04/28/2013 08:34 AM, Dan Tran wrote:
> you can relate them to together and close both when you are done.
>
> thanks
>
> -D
>
>
> On Sat, Apr 27, 2013 at 9:50 PM, Freeman Fang <freeman.fang@gmail.com>wrote:
>
>> Hi,
>>
>> Yeah, if you specify both rmiRegistryHost and rmiServerHost as
>> 127.0.0.1(localhost), then this can prevent remote jmx access.
>> -------------
>> Freeman(Yue) Fang
>>
>> Red Hat, Inc.
>> FuseSource is now part of Red Hat
>> Web: http://fusesource.com | http://www.redhat.com/
>> Twitter: freemanfang
>> Blog: http://freemanfang.blogspot.com
>> http://blog.sina.com.cn/u/1473905042
>> weibo: @Freeman小屋
>>
>> On 2013-4-28, at 下午12:08, Dan Tran wrote:
>>
>>> is this related to https://issues.apache.org/jira/browse/KARAF-2137 ??
>>>
>>> Thanks
>>>
>>> -D
>>>
>>>
>>> On Sat, Apr 27, 2013 at 7:27 PM, Freeman Fang <freeman.fang@gmail.com
>>> wrote:
>>>
>>>> It's backward compatible for the early karaf 2.3.x, but the karaf 2.2.x
>>>> default org.apache.karaf.management.cfg should also work.
>>>> -------------
>>>> Freeman(Yue) Fang
>>>>
>>>> Red Hat, Inc.
>>>> FuseSource is now part of Red Hat
>>>> Web: http://fusesource.com | http://www.redhat.com/
>>>> Twitter: freemanfang
>>>> Blog: http://freemanfang.blogspot.com
>>>> http://blog.sina.com.cn/u/1473905042
>>>> weibo: @Freeman小屋
>>>>
>>>> On 2013-4-28, at 上午10:22, Dan Tran wrote:
>>>>
>>>>> Oops, sorry this does not apply to 2.2.x
>>>>>
>>>>> -D
>>>>>
>>>>> On Saturday, April 27, 2013, Dan Tran wrote:
>>>>>
>>>>>> is this backward compatible with existing karaf 2.2.x
>>>>>> org.apache.karaf.managment.cfg file?
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Sat, Apr 27, 2013 at 6:44 PM, <ffang@apache.org <javascript:_e({},
>>>>>> 'cvml', 'ffang@apache.org');>> wrote:
>>>>>>
>>>>>>> Author: ffang
>>>>>>> Date: Sun Apr 28 01:44:25 2013
>>>>>>> New Revision: 1476704
>>>>>>>
>>>>>>> URL: http://svn.apache.org/r1476704
>>>>>>> Log:
>>>>>>> [KARAF-2291]make rmiServerHost configurable
>>>>>>>
>>>>>>> Modified:
>>>>>>>
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.management.cfg
>>>>>>>
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java
>>>>>>>
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml
>>>>>>>
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.properties
>>>>>>>
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.xml
>>>>>>>
>>>>>>> Modified:
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.management.cfg
>>>>>>> URL:
>>>>>>>
>>>>
>> http://svn.apache.org/viewvc/karaf/branches/karaf-2.x/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.management.cfg?rev=1476704&r1=1476703&r2=1476704&view=diff
>>>>>>>
>>>>>>>
>>>>
>> ==============================================================================
>>>>>>> ---
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.management.cfg
>>>>>>> (original)
>>>>>>> +++
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.management.cfg
>>>>>>> Sun Apr 28 01:44:25 2013
>>>>>>> @@ -36,6 +36,8 @@ rmiRegistryHost = 0.0.0.0
>>>>>>> #
>>>>>>> rmiServerPort = 44444
>>>>>>>
>>>>>>> +rmiServerHost = 0.0.0.0
>>>>>>> +
>>>>>>> #
>>>>>>> # Name of the JAAS realm used for authentication
>>>>>>> #
>>>>>>> @@ -44,7 +46,7 @@ jmxRealm = karaf
>>>>>>> #
>>>>>>> # The service URL for the JMXConnectorServer
>>>>>>> #
>>>>>>> -serviceUrl = service:jmx:rmi://0.0.0.0:
>>>>>>>
>>>>
>> ${rmiServerPort}/jndi/rmi://${rmiRegistryHost}:${rmiRegistryPort}/karaf-${
>>>>>>> karaf.name}
>>>>>>> +serviceUrl =
>>>>>>>
>>>>
>> service:jmx:rmi://${rmiServerHost}:${rmiServerPort}/jndi/rmi://${rmiRegistryHost}:${rmiRegistryPort}/karaf-${
>>>>>>> karaf.name}
>>>>>>>
>>>>>>> #
>>>>>>> # Whether any threads started for the JMXConnectorServer should
be
>>>>>>> started as daemon threads
>>>>>>>
>>>>>>> Modified:
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java
>>>>>>> URL:
>>>>>>>
>>>>
>> http://svn.apache.org/viewvc/karaf/branches/karaf-2.x/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java?rev=1476704&r1=1476703&r2=1476704&view=diff
>>>>>>>
>>>>>>>
>>>>
>> ==============================================================================
>>>>>>> ---
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java
>>>>>>> (original)
>>>>>>> +++
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java
>>>>>>> Sun Apr 28 01:44:25 2013
>>>>>>> @@ -20,6 +20,7 @@ import org.apache.karaf.jaas.config.Keys
>>>>>>>
>>>>>>> import java.io.IOException;
>>>>>>> import java.net.BindException;
>>>>>>> +import java.net.InetAddress;
>>>>>>> import java.net.ServerSocket;
>>>>>>> import java.rmi.server.RMIClientSocketFactory;
>>>>>>> import java.rmi.server.RMIServerSocketFactory;
>>>>>>> @@ -33,6 +34,7 @@ import javax.management.remote.JMXConnec
>>>>>>> import javax.management.remote.JMXConnectorServerFactory;
>>>>>>> import javax.management.remote.JMXServiceURL;
>>>>>>> import javax.management.remote.rmi.RMIConnectorServer;
>>>>>>> +import javax.net.ServerSocketFactory;
>>>>>>> import javax.net.ssl.KeyManagerFactory;
>>>>>>> import javax.net.ssl.SSLServerSocket;
>>>>>>> import javax.net.ssl.SSLServerSocketFactory;
>>>>>>> @@ -44,6 +46,7 @@ public class ConnectorServerFactory {
>>>>>>>
>>>>>>>     private MBeanServer server;
>>>>>>>     private String serviceUrl;
>>>>>>> +    private String rmiServerHost;
>>>>>>>     private Map environment;
>>>>>>>     private ObjectName objectName;
>>>>>>>     private boolean threaded = false;
>>>>>>> @@ -201,11 +204,12 @@ public class ConnectorServerFactory {
>>>>>>>     }
>>>>>>>
>>>>>>>     public void init() throws Exception {
>>>>>>> +        System.out.println("the serviceUrl is " + serviceUrl);
>>>>>>>         if (this.server == null) {
>>>>>>>             throw new IllegalArgumentException("server must be
set");
>>>>>>>         }
>>>>>>>         JMXServiceURL url = new JMXServiceURL(this.serviceUrl);
>>>>>>> -
>>>>>>> +        setupKarafRMIServerSocketFactory();
>>>>>>>         if (isClientAuth()) {
>>>>>>>             this.secured = true;
>>>>>>>         }
>>>>>>> @@ -280,7 +284,7 @@ public class ConnectorServerFactory {
>>>>>>>
>>>>>>>     private void setupSsl() throws GeneralSecurityException {
>>>>>>>         SSLServerSocketFactory sslServerSocketFactory =
>>>>>>> keystoreManager.createSSLServerFactory(null, secureProtocol,
>> algorithm,
>>>>>>> keyStore, keyAlias, trustStore, keyStoreAvailabilityTimeout);
>>>>>>> -        RMIServerSocketFactory rmiServerSocketFactory = new
>>>>>>> KarafSslRMIServerSocketFactory(sslServerSocketFactory,
>>>> this.isClientAuth());
>>>>>>> +        RMIServerSocketFactory rmiServerSocketFactory = new
>>>>>>> KarafSslRMIServerSocketFactory(sslServerSocketFactory,
>>>> this.isClientAuth(),
>>>>>>> getRmiServerHost());
>>>>>>>         RMIClientSocketFactory rmiClientSocketFactory = new
>>>>>>> SslRMIClientSocketFactory();
>>>>>>>
>>>>>>>
>> environment.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE,
>>>>>>> rmiServerSocketFactory);
>>>>>>>
>>>>>>>
>> environment.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE,
>>>>>>> rmiClientSocketFactory);
>>>>>>> @@ -288,20 +292,54 @@ public class ConnectorServerFactory {
>>>>>>>         // environment.put("com.sun.jndi.rmi.factory.socket",
>>>>>>> rmiClientSocketFactory);
>>>>>>>     }
>>>>>>>
>>>>>>> +    private void setupKarafRMIServerSocketFactory() {
>>>>>>> +        RMIServerSocketFactory rmiServerSocketFactory = new
>>>>>>> KarafRMIServerSocketFactory(getRmiServerHost());
>>>>>>> +
>>>>>>>
>> environment.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE,
>>>>>>> rmiServerSocketFactory);
>>>>>>> +    }
>>>>>>> +
>>>>>>> +    public String getRmiServerHost() {
>>>>>>> +        return rmiServerHost;
>>>>>>> +    }
>>>>>>> +
>>>>>>> +    public void setRmiServerHost(String rmiServerHost) {
>>>>>>> +        this.rmiServerHost = rmiServerHost;
>>>>>>> +    }
>>>>>>> +
>>>>>>>     private static class KarafSslRMIServerSocketFactory implements
>>>>>>> RMIServerSocketFactory {
>>>>>>>         private SSLServerSocketFactory sslServerSocketFactory;
>>>>>>>         private boolean clientAuth;
>>>>>>> +        private String rmiServerHost;
>>>>>>>
>>>>>>> -        public KarafSslRMIServerSocketFactory(SSLServerSocketFactory
>>>>>>> sslServerSocketFactory, boolean clientAuth) {
>>>>>>> +        public KarafSslRMIServerSocketFactory(SSLServerSocketFactory
>>>>>>> sslServerSocketFactory, boolean clientAuth, String rmiServerHost)
{
>>>>>>>             this.sslServerSocketFactory = sslServerSocketFactory;
>>>>>>>             this.clientAuth = clientAuth;
>>>>>>> +            this.rmiServerHost = rmiServerHost;
>>>>>>>         }
>>>>>>>
>>>>>>>         public ServerSocket createServerSocket(int port) throws
>>>>>>> IOException {
>>>>>>> -            SSLServerSocket sslServerSocket = (SSLServerSocket)
>>>>>>> sslServerSocketFactory.createServerSocket(port);
>>>>>>> +            System.out.println(rmiServerHost);
>>>>>>> +
>>   System.out.println(InetAddress.getByName(rmiServerHost));
>>>>>>> +            SSLServerSocket sslServerSocket = (SSLServerSocket)
>>>>>>> sslServerSocketFactory.createServerSocket(port, 50,
>>>>>>> InetAddress.getByName(rmiServerHost));
>>>>>>>             sslServerSocket.setNeedClientAuth(clientAuth);
>>>>>>> +            System.out.println(sslServerSocket);
>>>>>>>             return sslServerSocket;
>>>>>>>         }
>>>>>>>     }
>>>>>>> +
>>>>>>> +    private static class KarafRMIServerSocketFactory implements
>>>>>>> RMIServerSocketFactory {
>>>>>>> +        private String rmiServerHost;
>>>>>>> +
>>>>>>> +        public KarafRMIServerSocketFactory(String rmiServerHost)
{
>>>>>>> +            this.rmiServerHost = rmiServerHost;
>>>>>>> +        }
>>>>>>> +
>>>>>>> +        public ServerSocket createServerSocket(int port) throws
>>>>>>> IOException {
>>>>>>> +            System.out.println(rmiServerHost);
>>>>>>> +
>>   System.out.println(InetAddress.getByName(rmiServerHost));
>>>>>>> +            ServerSocket serverSocket = (ServerSocket)
>>>>>>> ServerSocketFactory.getDefault().createServerSocket(port, 50,
>>>>>>> InetAddress.getByName(rmiServerHost));
>>>>>>> +            System.out.println(serverSocket);
>>>>>>> +            return serverSocket;
>>>>>>> +        }
>>>>>>> +    }
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>> Modified:
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml
>>>>>>> URL:
>>>>>>>
>>>>
>> http://svn.apache.org/viewvc/karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml?rev=1476704&r1=1476703&r2=1476704&view=diff
>>>>>>>
>>>>>>>
>>>>
>> ==============================================================================
>>>>>>> ---
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml
>>>>>>> (original)
>>>>>>> +++
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/blueprint/karaf-management.xml
>>>>>>> Sun Apr 28 01:44:25 2013
>>>>>>> @@ -34,6 +34,7 @@
>>>>>>>         <cm:default-properties>
>>>>>>>             <cm:property name="rmiRegistryHost" value="0.0.0.0"/>
>>>>>>>             <cm:property name="rmiRegistryPort" value="1099"/>
>>>>>>> +            <cm:property name="rmiServerHost" value="0.0.0.0"/>
>>>>>>>             <cm:property name="rmiServerPort" value="44444"/>
>>>>>>>             <cm:property name="jmxRealm" value="karaf"/>
>>>>>>>             <cm:property name="jmxRole" value="$[karaf.admin.role]"/>
>>>>>>> @@ -80,6 +81,7 @@
>>>>>>>           destroy-method="destroy">
>>>>>>>         <property name="server" ref="mbeanServer"/>
>>>>>>>         <property name="serviceUrl" value="${serviceUrl}"/>
>>>>>>> +        <property name="rmiServerHost" value="${rmiServerHost}"/>
>>>>>>>         <property name="daemon" value="${daemon}"/>
>>>>>>>         <property name="threaded" value="${threaded}"/>
>>>>>>>         <property name="objectName" value="${objectName}"/>
>>>>>>>
>>>>>>> Modified:
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.properties
>>>>>>> URL:
>>>>>>>
>>>>
>> http://svn.apache.org/viewvc/karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.properties?rev=1476704&r1=1476703&r2=1476704&view=diff
>>>>>>>
>>>>>>>
>>>>
>> ==============================================================================
>>>>>>> ---
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.properties
>>>>>>> (original)
>>>>>>> +++
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.properties
>>>>>>> Sun Apr 28 01:44:25 2013
>>>>>>> @@ -30,6 +30,9 @@ rmiRegistryHost.description = host of th
>>>>>>> rmiRegistryPort.name = RMI Registry Port
>>>>>>> rmiRegistryPort.description = port of the registry for the exported
>> RMI
>>>>>>> service
>>>>>>>
>>>>>>> +rmiServerHost.name = RMI Server Host
>>>>>>> +rmiServerHost.description = host of the server for the exported
RMI
>>>>>>> objects. Blank for all interfaces
>>>>>>> +
>>>>>>> rmiServerPort.name = RMI Server Port
>>>>>>> rmiServerPort.description = port of the server for the exported
RMI
>>>>>>> objects
>>>>>>>
>>>>>>>
>>>>>>> Modified:
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.xml
>>>>>>> URL:
>>>>>>>
>>>>
>> http://svn.apache.org/viewvc/karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.xml?rev=1476704&r1=1476703&r2=1476704&view=diff
>>>>>>>
>>>>>>>
>>>>
>> ==============================================================================
>>>>>>> ---
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.xml
>>>>>>> (original)
>>>>>>> +++
>>>>>>>
>>>>
>> karaf/branches/karaf-2.x/management/server/src/main/resources/OSGI-INF/metatype/metatype.xml
>>>>>>> Sun Apr 28 01:44:25 2013
>>>>>>> @@ -23,6 +23,8 @@
>>>>>>>             description="%rmiRegistryHost.description"/>
>>>>>>>         <AD id="rmiRegistryPort" type="Integer" default="1099"
>>>>>>> name="%rmiRegistryPort.name"
>>>>>>>             description="%rmiRegistryPort.description"/>
>>>>>>> +        <AD id="rmiServerHost" type="String" default=""
>>>>>>> name="%rmiServerHost.name"
>>>>>>> +            description="%rmiServerHost.description"/>
>>>>>>>         <AD id="rmiServerPort" type="Integer" default="44444"
>>>>>>> name="%rmiServerPort.name"
>>>>>>>             description="%rmiServerPort.description"/>
>>>>>>>         <AD id="jmxRealm" type="String" default="karaf"
>>>>>>> name="%jmxRealm.name"
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>
>>>>
>>
>>
>

-- 
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com

Mime
View raw message